Add elara

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>

scripts/add-host.sh

@@ -1,5 +1,9 @@
 #!/usr/bin/env bash
 
+set -o errexit
+set -o nounset
+set -o pipefail
+
 if [[ "$#" -ne 2 ]]; then
   echo "Usage: $0 <host> <sops-master-key>"
   exit 1

scripts/add-user.sh

@@ -1,23 +0,0 @@
-#!/usr/bin/env bash
-
-if [[ "$#" -ne 2 ]]; then
-  echo "Usage: $0 <user> <sops-master-key>"
-  exit 1
-fi
-
-USER="$1"
-
-mkdir -p "./users/${USER}/secrets"
-
-nix shell nixpkgs#age --command age-keygen -o "./users/${USER}/secrets/key.txt"
-
-AGE_KEY=$(grep "^# public key: " "./users/${USER}/secrets/key.txt" | sed "s/# public key: //")
-
-for SOPS_FILE in $(find . -type f -name "sops.yaml"); do
-  sed -i "/- users:/a\    - &${USER} ${AGE_KEY}" "${SOPS_FILE}"
-  sed -i "/- age:/a\        - *${USER}" "${SOPS_FILE}"
-done
-
-"$(dirname "$0")/update-keys.sh" "$2"
-
-echo "User ${USER} has been successfully added."

scripts/install.sh

@@ -1,5 +1,9 @@
 #!/usr/bin/env bash
 
+set -o errexit
+set -o nounset
+set -o pipefail
+
 check_root() {
   if [[ "${EUID}" -ne 0 ]]; then
     echo "Please run the script as root."
@@ -8,6 +12,8 @@ check_root() {
 }
 
 check_network() {
+  rfkill unblock all
+
   if ping -c 1 google.com &>/dev/null; then
     echo "Network connection detected, skipping Wi-Fi setup."
     return
@@ -33,16 +39,15 @@ setup_wifi() {
   echo "Enter the network interface you want to use:"
   read -r interface
 
+  echo "Enter the SSID of the open network:"
+  read -r ssid
+
   echo "Do you want to connect to an open network? [y/N]"
   read -r open_network
 
   if [[ "${open_network}" =~ ^([yY][eE][sS]|[yY])$ ]]; then
-    echo "Enter the SSID of the open network:"
-    read -r ssid
     wpa_supplicant -i "${interface}" -c <(wpa_passphrase "${ssid}") -B
   else
-    echo "Enter the SSID:"
-    read -r ssid
     echo "Enter the passphrase:"
     read -rs passphrase
 
@@ -52,24 +57,30 @@ setup_wifi() {
   fi
 
   dhcpcd
+
+  echo "Waiting for a network connection..."
+
+  for i in {1..10}; do
+    if ping -c 1 google.com &>/dev/null; then
+      echo "Connected to the network successfully."
+      return
+    fi
+    sleep 1
+  done
+
+  echo "Failed to establish a connection within the timeout period."
+  exit 1
 }
 
 select_host() {
   echo "Available hosts:"
-  echo $(nix --experimental-features "nix-command flakes" flake show --json | nix --experimental-features "nix-command flakes" shell nixpkgs#jq --command jq -r '.nixosConfigurations | keys[]')
+  echo $(nix --experimental-features "nix-command flakes" flake show --json |
+    nix --experimental-features "nix-command flakes" shell nixpkgs#jq --command jq -r '.nixosConfigurations | keys[]')
 
   echo "Enter host:"
   read -r host
 }
 
-select_users() {
-  echo "Available users:"
-  ls users/
-
-  echo "Enter the users to copy keys for (space-separated):"
-  read -r -a users
-}
-
 prepare_disk() {
   local mode="$1"
   device=$(grep -oP '(?<=device = ")[^"]+' "./hosts/${host}/default.nix")
@@ -80,11 +91,25 @@ copy_keys() {
   mkdir -p /mnt/persist/etc/ssh
   cp "./hosts/${host}/secrets/ssh_host_ed25519_key" /mnt/persist/etc/ssh/ssh_host_ed25519_key
 
-  for user in "${users[@]}"; do
-    mkdir -p "/mnt/persist/home/${user}/.config/sops-nix"
-    cp "./users/${user}/secrets/key.txt" "/mnt/persist/home/${user}/.config/sops-nix/key.txt"
+  for path in "./hosts/${host}/users"/*; do
+    user=$(basename "${path}")
+    echo "User detected: ${user}"
 
-    uid=$(cat "./users/${user}/uid")
+    echo "Available keys for ${user}:"
+    ls ./secrets/*/key.txt
+
+    echo "Enter the key file to copy (or press Enter to skip this user):"
+    read -r key
+
+    if [[ -z "${key}" ]]; then
+      echo "Skipping ${user}"
+      continue
+    fi
+
+    mkdir -p "/mnt/persist/home/${user}/.config/sops-nix"
+    cp "${key}" "/mnt/persist/home/${user}/.config/sops-nix/key.txt"
+
+    uid=$(cat "./hosts/${host}/users/${user}/uid")
     gid=100
 
     chown -R "${uid}:${gid}" "/mnt/persist/home/${user}"
@@ -107,7 +132,6 @@ main() {
 
   case ${choice} in
     1)
-      select_users
       prepare_disk "disko"
       copy_keys
       install

scripts/remove-host.sh

@@ -1,5 +1,9 @@
 #!/usr/bin/env bash
 
+set -o errexit
+set -o nounset
+set -o pipefail
+
 if [[ "$#" -ne 2 ]]; then
   echo "Usage: $0 <host> <sops-master-key>"
   exit 1

scripts/remove-user.sh

@@ -1,21 +0,0 @@
-#!/usr/bin/env bash
-
-if [[ "$#" -ne 2 ]]; then
-  echo "Usage: $0 <user> <sops-master-key>"
-  exit 1
-fi
-
-USER="$1"
-
-AGE_KEY=$(grep "^# public key: " "./users/${USER}/secrets/key.txt" | sed "s/# public key: //")
-
-for SOPS_FILE in $(find . -type f -name "sops.yaml"); do
-  sed -i "/    - &${USER} ${AGE_KEY}/d" "${SOPS_FILE}"
-  sed -i "/        - \*${USER}/d" "${SOPS_FILE}"
-done
-
-"$(dirname "$0")/update-keys.sh" "$2"
-
-rm -rf ./users/"${USER}"
-
-echo "User ${USER} has been successfully removed."

scripts/update-keys.sh

@@ -1,5 +1,9 @@
 #!/usr/bin/env bash
 
+set -o errexit
+set -o nounset
+set -o pipefail
+
 if [[ "$#" -ne 1 ]]; then
   echo "Usage: $0 <sops-master-key>"
   exit 1

scripts/update.sh

@@ -1,5 +1,9 @@
 #!/usr/bin/env bash
 
+set -o errexit
+set -o nounset
+set -o pipefail
+
 paths=$(git config --file .gitmodules --name-only --get-regexp path | while read -r line; do
   path=$(git config --file .gitmodules --get "${line}")
   url=$(git config --file .gitmodules --get "${line%.*}.url")